Access to a resource may be granted in response to an authorization request. However, some authorization requests may be fraudulent. One or more authorization rules may be used to reject the authorization request based on whether conditions of the authorization rules are satisfied. For example, an authorization request may be rejected if parameters of the authorization request satisfy conditions of at least one of the authorization rules. The conditions for each of the authorization rules may be selected based on a representative training sample that includes known patterns or instances of fraudulent or invalid authorization requests. Accordingly, authorization requests may be checked against the authorization rules in order to deny fraudulent requests to access the resource.
There is a need to ensure that the authorization rules have not become obsolete or inaccurate. There is also a need to determine which authorization rules have higher accuracy compared to others. Embodiments of the invention address these and other problems.